Cryptography Encryption/Decryption Franci Tajnik CISA Franci Tajnik.

Presentation on theme: "Cryptography Encryption/Decryption Franci Tajnik CISA Franci Tajnik."— Presentation transcript:

1 Cryptography Encryption/Decryption Franci Tajnik CISA Franci Tajnik

2 CISA 2002 Franci Tajnik Cryptographic system
- cryptographic algorithm (math. function)
- keys (word, number, phrase)
- protocol
- convert plain text to cipher text

3 Symmetric method: DES [Diagram labels: Sender, Receiver, Plaintext, Cipher text, Symmetric Key]

4 Asymmetric Key Generation [Diagram labels: Seed Data Generation Program, Secret Key, Public Key, Asymmetric Relationship]

5 Asymmetric method: RSA, Secrecy [Diagram labels: Sender, Receiver, Plaintext, Cipher text, Public, Private]

6 Asymmetric method: RSA, Authentication [Diagram labels: Sender, Receiver, Plaintext, Cipher text, Public, Private]

7 PGP principle [Diagram labels: Sender, Receiver, Plaintext, Public, Private, One time Session key, Encry. Session key, Cipher text]

8 Digital signatures [Diagram labels: Sender, Receiver, Plaintext, Cipher text, Public, Private]

9 Digital signature [Diagram labels: Sender, Receiver, Plaintext, hash, message digest 160, signature, Public, Private]

10 Digital signature [Diagram labels: Sender, Receiver, Plaintext, hash, message digest 160, signature, Private S, Public S, Private R, Public R]
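
The hash-then-sign flow in the two digital signature slides above, as an added example that is not part of the original presentation. It assumes the 160-bit digest is SHA-1 and uses raw RSA without padding on a constructed demo key built from two Mersenne primes, which shows the mechanics only and is not a key or scheme for real use.

```python
import hashlib

# Constructed demo key: two Mersenne primes (2^89-1 and 2^107-1). Far too
# small and too structured for real use; chosen so N exceeds a 160-bit digest.
P = 2**89 - 1
Q = 2**107 - 1
N = P * Q                           # public modulus
E = 65537                           # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (Python 3.8+)


def digest160(message: bytes) -> int:
    """160-bit message digest as an integer (SHA-1 is an assumption)."""
    return int.from_bytes(hashlib.sha1(message).digest(), "big")


def sign(message: bytes) -> int:
    """Sender: hash the plaintext, then transform the digest with the private key."""
    return pow(digest160(message), D, N)


def verify(message: bytes, signature: int) -> bool:
    """Receiver: recover the digest with the public key and compare it
    with a digest computed freshly from the received plaintext."""
    if not 0 <= signature < N:
        return False
    return pow(signature, E, N) == digest160(message)


def demo() -> dict:
    msg = b"Pay 100 EUR to account 12345"        # constructed sample message
    sig = sign(msg)
    return {
        "genuine": verify(msg, sig),
        # Any change to the plaintext changes the digest, so the check fails.
        "tampered_message": verify(b"Pay 900 EUR to account 12345", sig),
        # A modified signature no longer maps back to the digest.
        "tampered_signature": verify(msg, (sig + 1) % N),
    }


if __name__ == "__main__":
    print(demo())
```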

11 E-mail security [Diagram labels: Sender, Receiver, Plaintext, hash, message digest 160, signature, Private S, Public S, Private R, Public R, One time Session key, ENC. SESS. KEY, DEC. SESS. KEY]

12 [Diagram labels: Certification Authority, Registration Authority, Holder, Certificate information, Public Holder, CA, Digital signature, Private, Digital certificate, RA]

13 Digital signature [Diagram labels: Sender, Receiver, Plaintext, hash, message digest 160, signature, Private S, Public R, Private R, Dig.cert. CAS]

14 Certification Authority
- software for issuing certificates
- creates certificates
- digitally signs certificates
Registration Authority
- people, processes, tools
- administration of users

15 Problems
- Do you trust the certification company?
- What validation process does the company undertake to ensure that an entity is who they claim to be before issuing a certificate?
- Who certifies the Certification Authority?

16 Certification Process [Diagram labels: Certification Authority, User, Verifies Credentials, Creates Certificate, Generates Key Set, Presents Public Key and Credentials, Receives Certificate, Public Distribution]

17 Requirements for a CA
- Outstanding integrity - recognised by others
- Financial backing to cover potential liabilities

18 Requirements of a CA
- Physically secure environment
- Tamper resistant modules for its cryptographic processing
- Ability to generate key pairs
- Random number generator
- Ability to check signatures
- Ability to sign certificates

19 Requirements of a CA
- Software to support all certificate formats
- Clear security policy
- Secure, auditable procedures for certificate production
- Directory of certificates (including archived certificates)

20 PGP certificate format
- PGP version number
- certificate holder's public key
- certificate holder's information
- digital signature of certificate owner
  - using holder's private key (self signature)
- certificate validity period
- encryption algorithm

21 X.509 certificate format
- X.509 version number
- certificate holder's public key
- serial number of certificate
- certificate holder's unique identifier
- certificate validity period
- unique name of CA
- digital signature of CA
- signature algorithm

22 Cross Verification
Where there is more than one Certification Authority, there must be a way of relying on certificates provided by other Certification Authorities.

23 Conclusions
- The auditor has to accept the integrity of the underlying algorithms
- The role of the Certification Authority is critical to the operational process
- Certification Authorities will be the key to the entire Public Key Infrastructure (PKI) process

